Smart City Technology May Be Vulnerable to Hackers

So-called smart cities, with wireless sensors controlling everything from traffic lights to water management, may be vulnerable to cyberattacks, according to a computer security expert.

Last year, Cesar Cerrudo, an Argentine security researcher and chief technology officer at IOActive Labs, demonstrated how 200,000 traffic control sensors installed in major hubs like Washington; New York; New Jersey; San Francisco; Seattle; Lyon, France; and Melbourne, Australia, were vulnerable to attack. Mr. Cerrudo showed how information coming from these sensors could be intercepted from 1,500 feet away or even by drone because one company had failed to encrypt its traffic.

Just last Saturday, Mr. Cerrudo tested the same traffic sensors in San Francisco and found that, one year later, they were still not encrypted.

Mr. Cerrudo said he was increasingly uncovering similar problems in other products and systems incorporated into smart cities. He has discovered simple software bugs, poorly installed encryption or even no encryption at all in these systems. And he has found that many are wide open to a fairly common attack, known as a distributed denial of service, or DDoS, in which hackers overwhelm a network with requests until it collapses under the load.

Mr. Cerrudo has found ways to make red or green traffic lights stay red or green, tweak electronic speed limit signs, or mess with ramp meters to send cars onto the freeway all at once.

Security researchers say that the opportunities for a maliciously minded hacker or government abound. Last year, security researchers at the Black Hat Europe conference in Amsterdam demonstrated how to black out parts of cities simply by manipulating smart meters and exploiting encryption problems in power line communication technology.

Increasingly, cities are automating systems and services. Saudi Arabia, for example, is investing $70 million to build four new smart cities. In South Africa, a $7.4 billion smart city project is already underway. By 2020, the market for smart cities is predicted to reach $1 trillion, according to Frost & Sullivan, a consulting firm.

"The current attack surface for cities is huge and wide open to attack," Mr. Cerrudo writes in a report he plans to present this week in San Francisco at the annual RSA Conference on security. "This is a real and immediate danger."

The threat is not just hypothetical. Last year, security companies discovered a hacking group, known both as Dragonfly and Energetic Bear, that was actively targeting power networks across the United States and Europe.

Last year, the Department of Homeland Security acknowledged in a report that a sophisticated threat actor had broken into the control system network at a public utility, simply by guessing a password on an Internet-connected system.

And in 2012, Chinese military hackers successfully breached the Canadian arm of Telvent. The company, now owned by Schneider Electric, produces software that allows oil and gas pipeline companies and power grid operators to gain access to valves, switches and security systems remotely. It also keeps detailed blueprints on more than half the oil and gas pipelines in North America.

In 2013, the energy industry became the most-targeted sector for hackers in the United States, accounting for 56 percent of the 257 attacks reported to the Department of Homeland Security that year.

Some scientists are trying to redesign the smart grid to make it less vulnerable. Currently, the smart grid is centralized, controlled by the energy suppliers, which makes utility companies a juicy target for hackers.